<?php
header('Content-Type: text/xml;charset=UTF-8');

$basepath = $_SERVER['DOCUMENT_ROOT'];
require_once($basepath. '/mapblogs/app_config/app_config_v2_sum2_08.php');

//$db_host = "localhost";
//$db_user = "webapp";
//$db_pass = "ci23amo8";
//$db_name = "mapblog";
//$g_mapblog_table_name = "mapblogv2_sum02_08";


$lat = (float)$_GET['lat'];
$lng = (float)$_GET['lng'];
$loc_label = addslashes(htmlspecialchars(strip_tags(utf8_encode($_GET['loc_label']))));
$loc_url = htmlspecialchars(strip_tags(utf8_encode($_GET['loc_url'])));
$nickname = htmlspecialchars(strip_tags(utf8_encode($_GET['loc_nickname'])));
$category = htmlspecialchars(strip_tags(utf8_encode($_GET['loc_category'])));
$g_course_id = htmlspecialchars(strip_tags(utf8_encode($_GET['cid'])));

//if (! $_GET['loc_section'] ) {
//	$myErrorStr = "Error: Somehow the course section ID was lost. Start over again by clicking the link in your course.";
//	$doQuery = false;
//} else {
$loc_section = htmlspecialchars(strip_tags(utf8_encode($_GET['loc_section'])));
//}

$curdate = date("Y-m-d");
$comment = "";
$doQuery = true;
$myErrorStr = "";


if ($loc_label == "") {
	$myErrorStr = "Error: the label was blank";
	$doQuery = false;
};
/*
if ($loc_section == "") {
	$myErrorStr = "Error: Somehow the course section ID was lost. Start over again by clicking the link in your course.";
	$doQuery = false;
};
*/

if ($doQuery) {
$conn = mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name, $conn);
	
$query = "insert into " . $g_mapblog_table_name . " (place_name, section, page_url, latitude, longitude, userid, add_date, comment, category, course_id, active_record) values ('" . $loc_label . "', '" . $loc_section . "', '" . $loc_url . "'," . $lat. ", " . $lng . ", '" . $nickname . "', '" . $curdate . "', '" . $comment . "', '" . $category . "', '" . $g_course_id . "'," . 1 . ")";

	
$result = mysql_query($query, $conn);
//$num_result = mysql_num_rows($result);

$query = "select * from " . $g_mapblog_table_name . " order by row_seq_no DESC LIMIT 1";

$result = mysql_query($query, $conn);
while ($row = mysql_fetch_array($result)) {
	$row_seq_no = $row["row_seq_no"];
}



//$newMarkerContent = "<div><b>Label:</b> $loc_label</div><div><b>URL: </b> $loc_url</div>";
$newMarkerContent = "<result>$row_seq_no</result>";
//$newMarkerContent = "";

echo <<<XML
<?xml version="1.0"?>
<response type="success" ><![CDATA[$newMarkerContent]]></response>
XML;
} else {
echo <<<XML
<?xml version="1.0"?>
<response type="fail" ><![CDATA[$myErrorStr]]></response>
XML;

}
?>
